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DETAILED ACTION 

1. Claims 24-36 and 51-58 are pending. Claim 24 has been amended. 

2. The 1 12 rejection has been withdrawn due to clarification by the attorney. 

3. The arguments by the attorney have been considered. The arguments are over the amended 
limitation of Claim 24. The limitation of the first secure session being used to encrypt and 
transmit the requested content from the SRP to the web browser and the limitation of the third 
secure session being used to encrypt data stored in the SRP was just disclosed by the attorney in 
the current amendment. Hence, the amended Claim 24 makes the arguments by the attorney 
moot. Hence the newly amended claim(s) are rejected as shown below. 

4. With respect to Claim 25 and 5 1 , its rejection has been modified to better illuminate the scope 
of the rejection. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S. C 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

Claims 24, 26, 28, 29, 36 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Netscape Proxy Server Administrator's (N.P.S.A) Guide. 
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With respect to Claim 24, the limitation "coupling at least one SRP among at least one 
web browser and at least one web server wherein the at least one SRP receives from the at least 
one web browser requests for establishing a first secure session" is met in Chapter 7, in Fig. 7.4. 

Further limitation of "establishing the first secure session using a first secure session 
protocol between the at least one SRP and the at least on web browser, wherein the web browser 
sends an encrypted request for content to the at least one SRP" is met by Chapter 7 on Figure 7.4 
and Chapter 7, page 3, 2 nd and 3 rd paragraphs. The paragraphs describe the figure 7,4 and 
disclose the referenced limitation. 

Further limitation of "decrypting the encrypted request for content from the at least one 
web browser at the at least one SRP using the first secure session protocol, wherein the at least 
one SRP using the first secure session protocol, wherein the at least one SRP determines that the 
at least one SRP does not possess the requested content" is met by Chapter 9 in the "How 
Caching Works" section and Fig. 9.1. This section and figure discloses how a request from a 
client to a remote server is detoured to the proxy server that determines whether the content is 
available there. 

Further limitation of "establishing a second secure session using a second secure session 
protocol between the at least one SRP and the at least one web server, wherein the second secure 
session is maintained" is met by Chapter 7 on Figure 7.4. This figure shows that a second secure 
session is established between the proxy server and the web server. 
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Further limitation of "encrypting the request for content from the at least one web 
browser using the second secure session" is met by Chapter 7 on Fig. 7.4 and the paragraph 
above this figure. 

Further limitation of "sending the encrypted request for content to the at least one web 
server using the second secure session" is met by Chapter 7 on Fig. 7.4. 

Further limitation of "receiving the content from the at least one web server at the at least 
one SRP using the second secure session" is met by Chapter 7 on Fig. 7.4. 

Further limitation of "decrypting the content using the second secure session protocol" is 
inherently met by Chapter 7 on Fig. 7.4 and the paragraph above the figure because the SRP 
cannot read the data received unless it is decrypted. 

Further limitation of "encrypting said content using the first secure session protocol for 
sending, using the first session, to the at least one web browser in response to the encrypted 
request for content" is met by Chapter 7 on Fig. 7.4. This first encrypted, secure session is 
depicted in the cited figure between the client and the proxy, and is used to transmit the 
requested content from the SRP (proxy) to the client (web browser). This is the same first secure 
session that the client initially used to request content from the SRP. 

Further limitation of "encrypting the requested content using a third secure session 
protocol for storing the encrypted requested content locally in a memory at the at least one SRP" 
is met by Chapter 14, first and second pages. The reference discloses encryption in a proxy 
server. The proxy server represents the SRP. The second page lists the various types of 
encryption protocols possible. Hence a third secure session for encrypting the requested content 
and storing that content locally in a proxy server (SRP) is inherent. 



Application/Control Number: 09/90 1 ,350 Page 5 

Art Unit: 2135 

The final limitation of "retrieving the content from the memory at the at least one SRP 
upon subsequent requests for the content" is met by Chapter 9 in the "How Caching Works" 
section. 

With respect to Claim 26, the limitations "wherein storing includes using non- volatile 
media" is met by the Netscape Proxy Administrator's Guide on Chapter 9, first and fourth 
paragraph. The cache is described under the "Understanding the Cache Structure" of Chapter 9, 
first paragraph as consisting of partitions, which is a storage area located on a disk. These disk 
partitions are non- volatile storage media and hence will retain information when the power is 
removed. 

With respect to Claim 28, the limitation "wherein coupling includes collocating the web 
server and the SRP" is met on Chapter 7 on page 4, "Proxying for Load Balancing" section, first 
three paragraphs. 

With respect to Claim 29, the limitation "wherein content includes an HTTP page" is met 
by Chapter 9, page 1, third paragraph. 

With respect to Claim 36, the limitation "before storing the HTTP page, encrypting the 
HTTP page" is met by on Chapter 7, figure 7.4. 
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Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 25, 27, 30, 31, 32, 34, 35 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Netscape Proxy Server Administrator's Guide in view of Bellwood (WO 
01/03398 A2). 

With respect to Claim 25, all the limitation is met by Netscape Proxy Server 
Administrator' s(N.P.S. A.) Guide except the limitation disclosed below. 

The limitation "wherein the third secure session protocol is known only to the at least one 
SRP" is met by Bellwood on page 3, lines 31-36. The third secure session is obvious from the 
disclosure of the first session master secret because this secret can be used by the proxy to 
cache/encrypt/decrypt secure information. This protocol is achieved without the server's 
knowledge or participation. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because a third 
secure session unknown to the server allows for a more secure communication. 
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With respect to Claim 27, all the limitation is met by the Netscape Proxy Server 
Administrator's(N.P.S.A.) Guide except the limitation described below. 
The limitation "wherein coupling includes establishing a dedicated secure line between the SRP 
and the web server" is met by Bellwood on page 3, line 40 and page 4, lines 1-2. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to combine the teachings of Bellwood within the system of N.P.S.A. because establishing a 
dedicated line would be useful in providing a secure and private connection to the internet. 

With respect to Claims 30 and 3 1 , all the limitation is met by the Netscape Proxy Server 
Administrator' s(N.P.S. A.) Guide except the limitation described below. 

The limitation "wherein the first/second secure session includes Transport Layer Security 
protocol" is met by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because TLS is a 
well-known and effective protocol in providing privacy and data integrity between 
communicating entities. 

With respect to Claim 32, all the limitation is met by the Netscape Proxy Server 
Administrator' s(N.P.S. A.) Guide except the limitation described below. 

The limitation "wherein the first secure session includes Secure Socket Layer protocol" is 
met by Bellwood on page 1, lines 13-17. 
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It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because SSL is a 
well-known and effective protocol in providing privacy and data integrity between 
communicating entities. 

With respect to Claim 34 and 35, all the limitation is met by the Netscape Proxy Server 
Administrator' s(N.P.S.A.) Guide except the limitation described below. 

The limitation "wherein the first/second secure session includes IPsec" is implicitly met 
by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because IPsec is 
a form of authentication and encryption protocol and is comparable to TLS/SSL with respect to 
achieving the same functions of preserving the integrity of the data. 

Claims 37, 51, 52, 53, 54, 55, 58 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Netscape Proxy Server Administrator's Guide in view of Maruyama et al 
(US2002/00 15497 Al) 

With respect to Claim 37, the limitation "a processing mechanism" is met inherently by 
N.P.S.A. in Chapter 7, first paragraph. 

Further limitation of "an encryption and decryption mechanism" is inherently met by 
N.P.S.A. in Chapter 7, page 1, fourth paragraph and Fig. 7.4. 
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Further limitation of "a tamper-resistant mechanism for storing one or more keys, 
wherein the one or more keys are known only to the SRP and are used for encrypting the content 
before storing the content in a secure local cache for future requests for the content" is partly met 
by N.P.S.A. in Chapter 7, Fig. 7.4. N.P.S.A. however does not disclose a tamper resistant 
mechanism for storing one or more keys. 

The tamper resistant mechanism for storing one or more keys is met by Maruyama et al 
on paragraph 52 on page 4. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Maruyama et al within the system of N.P.S.A. because a 
tamper resistant mechanism for storing keys provides a greater form of security to the system. 

With respect to Claim 51, all the limitation is met by N.P.S.A. except that disclosed 

below. 

Maruyama meets the limitation of "a processing mechanism", "a tamper-resistant 
mechanism for storing one or more keys, wherein the one or more keys are known only to the 
SRP and are used for encrypting the content before storing the content in a secure local cache for 
future requests for the content" on page 4, paragraph 52; and "an encryption and decryption 
mechanism" on Fig. 4 and page 4, paragraph 52, 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Maruyama et al within the system of N.P.S.A. because a 
tamper resistant mechanism provides a greater form of security to the system. 
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With respect to Claim 52, all the limitation is met by N.P.S.A. except that disclosed 

below. 

The limitation of "wherein the tamper-resistant mechanism includes a tamper-resistant 
non-volatile card" is met by Maruyama et al on paragraph 52, on page 4. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Maruyama et al within the system of N.P.S.A. because a 
tamper resistant mechanism provides a greater form of security to the system. 

With respect to Claim 53, the limitation "wherein the local cache includes non-volatile 
memory" is met by the Netscape Proxy Administrator's (N.P.S.A.) Guide on Chapter 9, first and 
fourth paragraph. The cache is described under the "Understanding the Cache Structure" of 
Chapter 9, first paragraph as consisting of partitions, which is a storage area located on a disk. 
These disk partitions are non- volatile storage media and hence will retain information when the 
power is removed. 

With respect to Claim 54, the limitation "wherein the SRP appliance is configured for 
using a secure protocol" is met by N.P.S.A. on Chapter 7, page 2, 2 nd paragraph. 

With respect to Claim 55, the limitation "wherein the SRP appliance is configured for 
using a secure socket layer protocol" is met N.P.S.A. on Chapter 7, page 2, 2 nd paragraph. 
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With respect to Claim 58 ? the limitation "wherein the SRP appliance is coupled among at 
least one web server and at least one web browser, wherein the SRP appliance intercepts requests 
from the at least one web browser to establish a secure network communication session with the 
at least one web server" is met by N.P.S.A. on Chapter 7, figure 7.4. 

Claim 56 and 57 are rejected under 35 U.S. C. 103(a) as being unpatentable over Netscape 
Proxy Server Administrator's (N.P.S.A.) Guide in view of Maruyama et al (US2002/00 15497 
Al) in further view of Bellwood (WO 01/03398 A2) 

With respect to Claim 56, all the limitation is met by the combination of N.P.S.A. and 
Maruyama et al except that of an IPSec protocol being used. 

The limitation "wherein the SRP appliance is configured for using IPSec techniques" is 
met implicitly by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because IPsec is 
a form of authentication and encryption protocol and is comparable to TLS/SSL with respect to 
achieving the same functions of preserving the integrity of the data. 

With respect to Claim 57, all the limitation is met by the combination for N.P.S.A. and 
Maruyama except that of using a TLS protocol. 

This is met by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because TLS is a 
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well-known and effective protocol in providing privacy and data integrity between 
communicating entities. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tracey Akpati whose telephone number is 703-305-7820, The 
examiner can normally be reached on 8.30am-6.00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 703-305-4393. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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